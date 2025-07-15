NVIDIA's BlueField DPUs offer a cutting-edge technology for live machine introspection at the hardware level called DOCA Argus. This technology analyzes specific snippets of volatile memory directly, providing attested insights into the operation of various workloads, whether they are bare-metal, virtualized, or containerized. Volatile memory is considered the ground truth for understanding workload operations. Privacy is a fundamental design requirement, ensuring that no user data is accessed. This unique security technology is available as part of the DOCA software framework, both as an SDK and as a service.

DOCA Argus Service for Workload Threat Detection is a novel approach for container threat detection in AI workloads and microservices, utilizing a Bluefield DPU to perform live machine introspection at the hardware level. This approach analyzes specific snippets of volatile memory to provide real-time visibility into container activity and behavior at the network, host, and application levels.

The state of container node images is continuously monitored in real-time, checking for deviations from their secure, compliant versions and configurations to detect and stop runtime attacks. These insights also include the ability to identify attacks targeting network facing applications/services.

The Argus service provides events and data on any object on the OS (host/VM) without any configuration needed and without any active part from the user or the host.

Examples what Argus service provides: